Intro.

By default, CentOS ships with iptables enabled and a basic set of firewall rules already loaded.

You can check the current iptables rules by running the following command:

CentOS iptables default rules.

iptables -L

Those are the default CentOS rules and they're just waiting to be customized by you!

Configure it!

- For example, you may wish to ALLOW HTTP traffic like so:

# Allows HTTP Traffic.
-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

- Or maybe you want to allow MySQL traffic?

# Allows MySQL Traffic.
-A INPUT -i eth0 -p tcp --dport 3306 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

- What about allowing SSH only to a particular subnet?

# Allows SSH to 10.100.100.0/24.
-A INPUT -p tcp -s 10.100.100.0/24 --dport 22 -j ACCEPT

Sorry, I forgot to tell you: these rules go in /etc/sysconfig/iptables (make a backup copy first!), and you'll have to restart the daemon afterwards!
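The edit described above, as an added example that is not part of the original post: a shell function that backs the rules file up and inserts a rule ahead of the catch-all INPUT REJECT, because a rule placed after that line is never reached. The function name `add_rule` is hypothetical, and the sample file is constructed, assuming the stock CentOS 6 layout.

```shell
#!/bin/bash
# Added example (not from the original post). add_rule FILE RULE backs up
# FILE once, then inserts RULE in the *filter table ahead of the first
# catch-all INPUT REJECT/DROP, or ahead of COMMIT when there is none.
add_rule() {
    file=$1 rule=$2
    # Idempotent: leave the file alone if the exact rule is already there.
    grep -qxF -e "$rule" "$file" && return 0
    # Keep the oldest backup; never overwrite it with an edited copy.
    [ -e "$file.bak" ] || cp -p "$file" "$file.bak" || return 1
    awk -v rule="$rule" '
        /^\*/ { in_filter = ($0 == "*filter") }
        in_filter && !done && (/^-A INPUT -j (REJECT|DROP)/ || /^COMMIT$/) {
            print rule; done = 1
        }
        { print }
        END { exit !done }
    ' "$file" > "$file.new" || { rm -f "$file.new"; return 1; }
    # Overwrite in place so owner, mode and SELinux label stay unchanged.
    cat "$file.new" > "$file" && rm -f "$file.new"
}

# Constructed sample modelled on the stock CentOS 6 layout (assumption).
sample=$(mktemp)
cat > "$sample" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF

# The HTTP rule from the post; the second call changes nothing.
http="-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT"
add_rule "$sample" "$http"
add_rule "$sample" "$http"
cat "$sample"
```

On the real host, run `add_rule /etc/sysconfig/iptables "<rule>"` as root, parse-check the result with `iptables-restore --test < /etc/sysconfig/iptables`, then run `service iptables restart`.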

...or just Disable it.

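Alright, alright, if you really must (note that this only keeps the services from starting at boot; rules that are already loaded stay active until the service is stopped or the machine reboots):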

CentOS Disable iptables.

chkconfig iptables off
chkconfig ip6tables off

Have phun (no phun intended)!

Senior Professional Network and Computer Systems Engineer during work hours and father when home.

Andrea strives to deliver outstanding customer service and heaps of love towards his family.

In this Ad-sponsored space, Andrea shares his quest for "ultimate" IT knowledge, meticulously brought to you in an easy to read format.
